[BUGFIX] Do not try to authorize user which were not fetched by the service

vertexvaar · vertexvaar · commit e1dd82924b69 · 2018-03-15T15:32:31.000+01:00
diff --git a/Classes/Authenticator.php b/Classes/Authenticator.php
@@ -34,6 +34,8 @@ class Authenticator extends AbstractAuthenticationService
      */
     protected $userRepository = null;
 
+    protected $shouldAuth = false;
+
     /**
      * Authenticator constructor.
      */
@@ -65,7 +67,7 @@ public function getUser()
             } catch (ClientException $e) {
                 return false;
             }
-
+            $this->shouldAuth = true;
             return $this->userRepository->processInfo($info);
         } elseif ('deleted' === $state) {
             $this->userRepository->removeUser($username);
@@ -80,6 +82,9 @@ public function getUser()
      */
     public function authUser(array $user)
     {
+        if (!$this->shouldAuth) {
+            return 100;
+        }
         if (!isset($this->login['uident_text'])) {
             $rsaEncryptionDecoder = GeneralUtility::makeInstance(RsaEncryptionDecoder::class);
             $this->login['uident_text'] = $rsaEncryptionDecoder->decrypt($this->login['uident']);
